Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Apply

Security Analyst

Posted about 2 months agoViewed

View full description

💸 Salary: 95000.0 - 150000.0 USD per year

🔍 Industry: Security

🏢 Company: NIH-NCBI

🗣️ Languages: English

Requirements:
  • B.S or higher degree in Computer Science.
  • Working knowledge and demonstrated experience in network design, network security, and firewall technologies. Experience with Fortinet preferred.
  • Experience with testing and identifying network and system vulnerabilities using tools from vendors such as Tenable, IBM, Checkmarx, and Netsparker.
  • Experience with log analysis. Experience with Splunk preferred.
  • Good understanding of computing security, authentication techniques, operation procedures and general practices in an enterprise IT infrastructure.
  • Demonstrated self-initiated ability for analyzing, debugging, and tracking security issues.
  • Identifies problems, determines the accuracy and relevance of information, and uses sound judgment to generate and evaluate alternatives, and to make recommendations.
  • Excellent organization and time management skills and ability to identify priorities as needed to accomplish a variety of tasks.
  • Excellent written and oral communication skills and ability to work with people at every level.
Responsibilities:
  • Application security monitoring (web scanning) to include performing source code analysis and web scanning using COTS tools.
  • Vulnerability management using Security Center.
  • Analyze architecture and system functionality for a broad range of technologies.
  • Log analysis for incident remediation/threat hunting.
  • Troubleshooting security and network problems.
  • Provide support in the areas of information assurance, vulnerability assessment, enterprise protection planning, security monitoring, incident response, cyber security, and cyber threat analysis.
  • Firewall management.
Apply

Related Jobs

Apply
🔥 Privacy and Security Analyst
Posted 1 day ago

📍 United States, Canada

🧭 Full-Time

💸 101500.0 - 155500.0 USD per year

🔍 Software Development

🏢 Company: Webflow👥 501-1000💰 $120,000,000 Series C about 3 years ago🫂 Last layoff 8 months agoCMSWeb HostingWeb Design

  • At least 5 years of experience in privacy compliance, data governance, or similar legal/compliance analyst
  • Bachelor's Degree or equivalent experience
  • Strong knowledge of privacy regulations
  • Demonstrated experience managing privacy and security incidents and conduct privacy risk assessments
  • Proficiency with Project Management, Workflow Tools (JIRA, Confluence, etc.) Excellent analytical, organizational, and problem-solving skills
  • Strong interpersonal or communication skills, with the ability to collaborate effectively across teams
  • Experience with Privacy-by-Design and integrating privacy principles into business processes
  • Preferred CIPP, CIPT, or CIPM
  • Are able to manage multiple projects in a fast-paced environment while meeting deadlines
  • Have technical expertise and analytical skills
  • Have communication and interpersonal skills
  • Support the development, implementation, and maintenance of Webflow’s privacy and security program, policies, and procedures
  • Ensure compliance with applicable federal, state and industry privacy regulations
  • Respond to DSRs, and improve PIAs, Incident Plan processes, and Privacy/Security controls
  • Implementing and Ongoing management of data privacy and security compliance tools
  • Conduct regular privacy and security risk assessments to identify vulnerabilities and recommend mitigation strategies
  • Participate in internal audits and collaborate with internal/external auditors to address compliance with gaps
  • Investigate and manage privacy incidents, breaches, or complaints, ensuring timely reporting and remediation in compliance with regulatory requirements
  • Prepare and maintain breach notification documents and data bases
  • Develop and update privacy-related policies, guidelines, and procedures
  • Create and deliver training materials to educate employees on privacy standards and best practices
  • Develop and maintain proactive auditing and monitoring program
  • Monitor regulatory developments and industry trends to ensure organizational policies remain up-to-date
  • Generate reports and metrics to track compliance with privacy standards and identify areas for improvement
  • Understand data-sharing agreements, and other relevant contracts to ensure regulatory compliance
  • Collaborate and address non-standard agreements or high-risk engagements

Project ManagementCommunication SkillsAnalytical SkillsComplianceInterpersonal skillsRisk Management

Posted 1 day ago
Apply
Apply
🔥 Privacy and Security Analyst
Posted 1 day ago

📍 United States, Canada

🧭 Full-Time

💸 101500.0 - 155500.0 USD per year

🔍 Software Development

  • At least 5 years of experience in privacy compliance, data governance, or similar legal/compliance analyst
  • Bachelor's Degree or equivalent experience
  • Strong knowledge of privacy regulations
  • Demonstrated experience managing privacy and security incidents and conduct privacy risk assessments
  • Proficiency with Project Management, Workflow Tools (JIRA, Confluence, etc.) Excellent analytical, organizational, and problem-solving skills
  • Strong interpersonal or communication skills, with the ability to collaborate effectively across teams
  • Experience with Privacy-by-Design and integrating privacy principles into business processes
  • Preferred CIPP, CIPT, or CIPM
  • Are able to manage multiple projects in a fast-paced environment while meeting deadlines
  • Have technical expertise and analytical skills
  • Have communication and interpersonal skills
  • Support the development, implementation, and maintenance of Webflow’s privacy and security program, policies, and procedures
  • Ensure compliance with applicable federal, state and industry privacy regulations
  • Respond to DSRs, and improve PIAs, Incident Plan processes, and Privacy/Security controls
  • Implementing and Ongoing management of data privacy and security compliance tools
  • Conduct regular privacy and security risk assessments to identify vulnerabilities and recommend mitigation strategies
  • Participate in internal audits and collaborate with internal/external auditors to address compliance with gaps
  • Investigate and manage privacy incidents, breaches, or complaints, ensuring timely reporting and remediation in compliance with regulatory requirements
  • Prepare and maintain breach notification documents and data bases
  • Develop and update privacy-related policies, guidelines, and procedures
  • Create and deliver training materials to educate employees on privacy standards and best practices
  • Develop and maintain proactive auditing and monitoring program
  • Monitor regulatory developments and industry trends to ensure organizational policies remain up-to-date
  • Generate reports and metrics to track compliance with privacy standards and identify areas for improvement
  • Understand data-sharing agreements, and other relevant contracts to ensure regulatory compliance
  • Collaborate and address non-standard agreements or high-risk engagements

Project ManagementCybersecurityData AnalysisCommunication SkillsAnalytical SkillsComplianceRisk ManagementData management

Posted 1 day ago
Apply
Apply
🔥 Security Analyst – Risk, Applications & Infrastructure
Posted 1 day ago

  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience).
  • Understanding of cloud platforms (AWS, Azure) and cloud security best practices.
  • Experience with vulnerability scanning and assessment tools for applications and infrastructure.
  • Familiarity with security frameworks and compliance standards (NIST, ISO 27001, SOC 2, CIS Benchmarks).
  • Proficiency in security testing, penetration testing, and vulnerability analysis.
  • Knowledge of security monitoring tools, intrusion detection systems, and SIEM solutions.
  • Ability to assess security risks, prioritize vulnerabilities, and recommend remediations.
  • Experience conducting security audits and control evaluations.
  • Strong problem-solving skills and ability to work collaboratively in cross-functional teams.
  • Effective written and verbal communication skills for both technical and non-technical audiences.
  • Identify, assess, and mitigate security risks related to IT applications and infrastructure.
  • Develop and implement risk management frameworks to ensure continuous monitoring and improvement of security postures.
  • Work with stakeholders to define and implement security policies and guidelines aligned with risk tolerance.
  • Facilitate risk assessments and security reviews across business units and IT environments.
  • Evaluate IT applications and infrastructure against security control frameworks (e.g., NIST, ISO 27001, CIS, SOC 2).
  • Conduct internal security audits to assess compliance with corporate security policies and regulatory requirements.
  • Identify gaps in security controls, document findings, and support remediation planning.
  • Maintain documentation and evidence for security audits and regulatory assessments.
  • Collaborate with teams to analyze, categorize, and prioritize vulnerabilities based on severity, potential impact, and likelihood of exploitation.
  • Track vulnerability remediation efforts and ensure timely patching and risk mitigation.
  • Conduct regular security assessments of applications, APIs, cloud infrastructure.
  • Monitor security tools and analyze logs for signs of suspicious activity, vulnerabilities, or policy violations.
  • Assist with security incident response, forensic analysis, and remediation plans.
  • Engage with internal and external stakeholders, including Experian’s Cyber Fusion team, to enhance security posture.
  • Act as a Security Champion, training and mentoring teams on security best practices, secure coding, and compliance.
  • Assist in tracking and improving security control effectiveness across business units.
  • Promote a culture of security awareness through training and engagement programs.
  • Support the integration of security tools into CI/CD pipelines to enable automated security testing.
  • Utilize security tooling (SAST/SCA/DAST/CSPM/DSPM) to evaluate and improve security posture.
  • Enhance API security practices and application security testing methodologies.
  • Work cross-functionally to drive security improvements.
  • Generate reports for management on vulnerability status, security incidents, and audit findings.
  • Ensure alignment of security initiatives with business objectives and risk tolerance.
Posted 1 day ago
Apply
Apply
🔥 Information Security Analyst
Posted 3 days ago

📍 Canada, U.S.

🔍 Information Security

  • 3 - 5+ years of information security experience
  • Thorough knowledge of networks and cloud computing
  • Experience with SOC 2 Type 2
  • Knowledge of data protection operations and legislation (e.g. GDPR, PIPEDA, HIPAA)
  • Experience diagnosing and stopping cyberattacks
  • Experience with vulnerability scanning solutions
  • Experience penetration testing
  • Proficiency with mobile device management and endpoint management software
  • A thorough understanding of security best practices
  • Leadership and organizational skills
  • Ability to manage multiple projects
  • Outstanding communication skills
  • Problem-solving aptitude
  • Ability to troubleshoot and repair issues
  • Create and maintain security policies at TealBook
  • Work with SOC 2 Type 2 auditors to ensure compliance and certification
  • Work with customers to communicate TealBook’s security stance and gather security requirements
  • Guide and collaborate with software engineers to design, implement and operate secure systems
  • Guide and collaborate with data engineers to design and implement data security best practices
  • Perform penetration testing and remediation
  • Perform vulnerability testing and remediation
  • Plan and maintain a security roadmap
  • Track and manage security risks

Cloud ComputingCybersecurityLDAPComplianceRisk ManagementData modelingScripting

Posted 3 days ago
Apply
Apply
🔥 Principal Security Analyst - Remote
Posted 6 days ago

📍 United States, Canada, United Kingdom, India

🔍 Cybersecurity

  • 5 or more years of progressing/in-depth IT security experience.
  • System Administration experience (Windows, Unix/Linux, Mac)
  • Advanced understanding of networking concepts and ability to analyze network artifacts.
  • Demonstrated experience in using Endpoint Detection and Response software (SentinelOne, Crowdstrike, Defender ETC.)
  • Advanced knowledge of at least one leading SIEM platform (Sentinel, Splunk, Elastic, IBM Qradar, Chronicle etc.)
  • Possess at least one industry certification Sec+, CEH, SANS Certification (e.g. GCIH, GCIA, GSEC, GMON), OSCP etc. or working towards a related certification.
  • Prior knowledge of SOAR platform such as Siemplify, Forti soar etc.
  • Basic scripting or development experience in one of the following languages: Python, JavaScript, PowerShell, bash, etc.
  • Exceptional written and verbal communication skills.
  • Demonstrated expert knowledge of the MITRE ATT&CK framework.
  • Take ownership of positive security outcomes for a designated set of customers.
  • Provide overall guidance, instruction, mentorship, and leadership to other Security Analysts.
  • Drive customer cadence calls and act as trusted advisor to customers.
  • Develop custom dashboards and reports for regular customer status updates.
  • Ensure quality of SOC deliverables to the Principal Analyst’s customers.
  • Perform Threat Hunting on customer networks to detect, isolate threats and provide recommendations.
  • Provide proactive security investigation and searches on client environment to detect malicious activities.
  • Expert-level Strategic Analysis of customer security posture, risk level, and security data.
  • Update documentation and runbooks to ensure repeatable analysis.
  • Advise Detection Engineering, Automation Engineering, and Telemetry Engineering on technology improvements to close gaps in customer security posture.
  • Document and communicate recommendations and guidelines based on results of analysis.
  • Maintain current knowledge and understanding of threat landscape.

PythonSQLBashCybersecurityData AnalysisCommunication SkillsAnalytical SkillsCI/CDProblem SolvingCustomer serviceMentoringLinuxWritten communicationDocumentationNetworkingReportingActive listeningRisk ManagementScripting

Posted 6 days ago
Apply
Apply
🔥 Security Analyst Architecture & Engineering
Posted 9 days ago

🧭 Full-Time

🏢 Company: Sourcefit👥 51-100💰 over 1 year agoStaffing AgencyConsultingHuman ResourcesInformation Technology

  • Experience in a combination of network and or infrastructure design, information security, and Digital IT jobs.
  • Knowledge of information security management frameworks, such as ISO/IEC 27001, and NIST are beneficial but not essential.
  • An understanding of the evolving threat landscape and the ability to translate an emerging threat’s likelihood of exploiting inherent weaknesses, and business impact and therefore articulating calculating overall risk and developing risk mitigations - is beneficial.
  • Methodical approach to architecture design inclusive of threat assessment and treatment.
  • Broad technical Digital IT and Industrial experience including Cloud computing, websites, ERP, big data, ICS, and SCADA systems.
  • Contribute to defining and delivering a Cyber & Information Security Strategy that supports the company's Business and Digital Transformation plans.
  • Help define a target state security architecture and identify change initiatives.
  • Conduct continuous assessments of current Digital & IT and Industrial systems and processes.
  • Support all UK&I project initiatives ensuring the company’s existing security frameworks are completed and integrated into the Product Delivery Lifecycle.
  • Maintain awareness and knowledge of vendor space, current and emerging technologies, and services of interest and relevance to the maturity and continuous improvements of the UK&I and Group catalog of security services.
  • Engage with various stakeholder groups and committees across Digital & IT, Industrial, and Group to provide subject matter expertise and advice on all matters of cyber and information security architecture, and secure commitment to support strategic and tactical security initiatives.
  • Provide consultancy for technology implementation – ensuring that legislative (privacy, data protection) and security (policies, minimum security requirements, PSATs, etc.) factors are considered to safeguard the company’s information assets.
  • Act as a contact for security architecture & engineering project-related escalations.
  • Support the Cyber & Information Security GRC Lead to undertake technical threat and risk assessments/reviews of IT and the Industrial business environments.
  • Develop actions and plans with Digital & IT and Business leaders to address identified security exposures, through effective planning and execution with the help of supporting functions.
  • Keep up-to-date with the latest threat information, risks, and technologies, and implement adequate detective, preventive, and corrective security controls seeking internal (Group) and external advice where necessary.
  • Work closely with the Development department to ensure the ‘Low Code’ ‘No Code’ strategy and associated platforms incorporate effective security by design methodologies assuring that known security weaknesses i.e. OWASP top 10 are addressed and tested in advance of system migration to production.
  • Ensure that you fully comply with Saint-Gobain’s Data Governance Policies as they relate to your area and demonstrate in your day-to-day work that you treat data as an important corporate asset that must be protected and managed.
  • Maintain Saint-Gobain’s compliance standards and in collaboration with the CISO and CISO department, ensure timely completion and submission of all local and group-driven reporting requirements.
  • Ensure that all architecture designs established to ensure the safe and secure Acquisitions and Divestments are completed in line with Group directives, whilst minimizing the introduction of any new security risks to the company.
Posted 9 days ago
Apply
Apply
🔥 Associate Information Security Analyst
Posted 9 days ago

🏢 Company: American College of Education👥 100-500Education

Posted 9 days ago
Apply
Apply
🔥 Cyber Security Analyst
Posted 16 days ago

📍 South Africa, Mauritius, UK

🧭 Full-Time

🔍 Cyber Security

🏢 Company: Cyberlogic👥 51-100Cloud Data ServicesConsultingIT ManagementTechnical SupportCloud SecurityInformation TechnologyNetwork SecuritySoftware

  • 2-3 years of experience
  • National Certificate or equivalent
  • Darktrace - Threat Visualizer Part 1 & 2, Cyber Analyst Part 1 & 2, Darktrace/ Email Part 1 & 2
  • Qualys - Vulnerability Management, Patch Management, Web Application Scanning, Cloud Agent, and API Fundamental Self-Paced Training
  • SC-200, SC-100, CySa+, CASP+, Ethical hacking related certification, AZ-500
  • Basic understanding Office 365 Platform.
  • Advanced knowledge in network and email security.
  • Advanced knowledge of Computer Networks.
  • Advanced knowledge of Vulnerability Tools such as Qualys or Nessus.
  • Understanding command and control/ understanding how hackers may compromise your system.
  • Advanced understanding of SOC tooling, such as Darktrace, MS Sentinel, Qualys, MS Defender, Sentinel 1 etc.
  • Assess and address complex security issues.
  • Lead the implementation of security protocols and tools.
  • Identifying and resolving security gaps through technical analysis of systems and procedures.
  • Conduct security audits and evaluate current security measures for improvement.
  • Oversee the monitoring of security alerts and events.
  • Lead incident response procedures to contain, mitigate, and resolve security incidents.
  • Implement strategies to minimise unnecessary alerts and noise within security queues.
  • Drive SOC strategy by collaborating with the technical lead to develop Proof of Concepts for technologies offering enhanced value.
  • Guide and support junior team members in the planning and the implementation of phishing campaigns on a quarterly basis.
  • Respond to Tier 2 client inquiries and incidents via email within the specified SLA timeframe, providing timely updates and resolutions.
  • Oversee ongoing investigations into past incidents to uncover deeper insights.
  • Manage audits of client environments, guiding junior team members in data collection and vulnerability identification within client environments.
  • Lead software upgrade initiatives, ensuring all upgrades are conducted efficiently and in compliance with security standards.
  • Lead the creation of complex scripts for PowerShell, Bash, or Terminal to automate critical changes on devices.
  • Lead in-depth research on vulnerabilities, assess their potential impact on the environment, and develop and recommend effective mitigation strategies.

BashCybersecurityAPI testingComputer skillsScripting

Posted 16 days ago
Apply
Apply
🔥 Senior GRC Security Analyst
Posted 20 days ago

📍 Poland

💸 14700.0 - 25000.0 PLN per month

🔍 Software Development

🏢 Company: Appfire Technologies, LLC.

  • 5+ years of experience working in information security risk and/or compliance roles.
  • Knowledge of common Information Security frameworks such as CIS, ISO 27001 & SOC 2
  • Prior experience with cloud-based security tools, technologies, and controls a plus (e.g, Amazon AWS, Azure, Heroku, GCP)
  • A self-starter with the demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions.
  • Strategic analysis, creative problem solving, and business judgment are required
  • Excellent interpersonal and communication skills
  • Work on the coordination and facilitation of Appfire’s security governance goals and initiatives
  • Support our sales channels regarding prospect and customer security questions, assessments, and audits, including speaking to technical controls and their alternatives and appropriate risk mitigation.
  • Conduct assessments related to vendor risk management and follow up on associated findings.
  • Provide support and act as key stakeholder and lead of regulatory and compliance initiatives (e.g. ISO 27001, SOC2, GDPR, etc.).
  • Identify, document, and track information security policy related non-conformities and assist in developing and monitoring corrective action plans.
  • Assist in identifying & tracking information security risks, assessing impact, and tracking the execution of mitigation plans.
  • Assist in tracking information security risk acceptances and exceptions and monitoring the execution of remediation plans.
  • Track and ensure adequate and timely resolution to all audit and risk assessment findings/issues relating to information security.
  • Assist in the monitoring of business continuity (BC) and disaster recovery (DR) planning and testing.
  • Develop control key performance indicators (KPI) to ensure compliance-related controls are operating to an acceptable tolerance level.
  • Perform periodic compliance checks across the Appfire organization and develop and define associated metrics to allow clear visibility into Appfire governance, risk, and compliance status
  • Work on the coordination and execution of integration plans for Appfire acquisitions.
  • Moderate the annual review and update of information security related policies and processes.
  • Participate in and manage annual security awareness campaigns.
  • Evaluate and recommend GRC related technologies and solutions for future implementation.
  • Handle sensitive and/or confidential material and information with suitable discretion

AWSProject ManagementCloud ComputingCybersecurityJiraCommunication SkillsAnalytical SkillsMicrosoft OfficeRESTful APIsComplianceProblem-solving skillsRisk ManagementConfluence

Posted 20 days ago
Apply
Apply
🔥 GRC Security Analyst
Posted 20 days ago

📍 Poland

🧭 Full-Time

💸 12000.0 - 16000.0 PLN per month

🔍 Information Security

🏢 Company: Appfire Technologies, LLC.

  • 2+ years of experience working in information security risk and/or compliance roles.
  • Knowledge of common Information Security frameworks such as CIS, ISO 27001 & SOC 2.
  • Prior experience with cloud-based security tools, technologies, and controls a plus (e.g, Amazon AWS, Azure, Heroku, GCP)
  • Ability to work effectively within a fast-paced, changing environment that is going through high growth.
  • A self-starter with the demonstrated ability to take initiative, who can proactively identify issues/opportunities and recommend actions.
  • Creative problem solving required
  • Excellent interpersonal and communication skills
  • Work on the coordination and facilitation of Appfire’s security governance goals and initiatives
  • Support our sales channels regarding prospect and customer security questions, assessments, and audits, including speaking to technical controls and their alternatives and appropriate risk mitigation.
  • Conduct assessments related to vendor risk management and follow up on associated findings.
  • Provide support for regulatory and compliance initiatives (e.g. ISO 27001, SOC2, GDPR, etc.).
  • Identify, document, and track information security policy-related non-conformities and assist in developing and monitoring corrective action plans.
  • Assist in identifying & tracking information security risks, assessing impact, and tracking the execution of mitigation plans.
  • Assist in tracking information security risk acceptances and exceptions and monitoring the execution of remediation plans.
  • Track and ensure adequate and timely resolution to all audit and risk assessment findings/issues relating to information security.
  • Assist in the monitoring of business continuity (BC) and disaster recovery (DR) testing.
  • Perform periodic compliance checks across the Appfire organization.
  • Provide support for the coordination and execution of integration plans for Appfire acquisitions.
  • Support the annual review and update of information security-related policies and processes.
  • Participate in and support annual security awareness campaigns.
  • Handle sensitive and/or confidential material and information with suitable discretion.

AWSSQLCloud ComputingCybersecurityLinuxComplianceRisk Management

Posted 20 days ago
Apply

Related Articles

Why remote work is such a nice opportunity?

Posted about 1 month ago

Why remote work is such a nice opportunity?

Why is remote work so nice? Let's try to see!

Read More

Remote Job Certifications and Courses to Boost Your Career

Posted 8 months ago

Insights into the evolving landscape of remote work in 2024 reveal the importance of certifications and continuous learning. This article breaks down emerging trends, sought-after certifications, and provides practical solutions for enhancing your employability and expertise. What skills will be essential for remote job seekers, and how can you navigate this dynamic market to secure your dream role?

Read More

How to Balance Work and Life While Working Remotely

Posted 8 months ago

Explore the challenges and strategies of maintaining work-life balance while working remotely. Learn about unique aspects of remote work, associated challenges, historical context, and effective strategies to separate work and personal life.

Read More

Weekly Digest: Remote Jobs News and Trends (August 11 - August 18, 2024)

Posted 8 months ago

Google is gearing up to expand its remote job listings, promising more opportunities across various departments and regions. Find out how this move can benefit job seekers and impact the market.

Read More

How to Onboard Remote Employees Successfully

Posted 8 months ago

Learn about the importance of pre-onboarding preparation for remote employees, including checklist creation, documentation, tools and equipment setup, communication plans, and feedback strategies. Discover how proactive pre-onboarding can enhance job performance, increase retention rates, and foster a sense of belonging from day one.

Read More